The many business benefits made possible by digital transformation are undoubtedly making waves across industries. Data is the raw material that drives smarter decision-making, and as such, drives value for organizations, but things quickly get challenging when you start to consider how all that data will be used—and who has access to it, when. It was easier for security teams when all this data was housed inside the perimeter of the data center environment over which the organization had total control. Now, however, the business relies on remote workers and extensive collaboration with third-parties, leveraging SaaS and cloud-based tool providers who can only deliver results when provided with this critical data.
Starting to think with SASE
How can we protect and share the rapidly expanding pool of data powering digital transformation? This is the crux of the challenge facing network and security teams, and the only way to solve it is by working together. We need to take a holistic and converged approach to how we approach this problem with both the network speed and performance characteristics being hand-in-glove with the data security requirements. Otherwise, we’ll never get to a seamless, secure flow of data businesses expect digitalization to provide.
That’s what makes the SASE concept so important. In the modern, cloud-first world there is no more “inside” and “outside.” Data is being used in multiple environments and the associated risks are no longer neatly divisible between internal and external security needs. Businesses need to interact with customers and third-parties and it isn’t confined to just the data center. Business needs to go where its requirements lead. Period.
SASE architecture, when properly implemented, protects data and users wherever they are in the cloud, however they choose to use data. By putting a security cloud between users and the applications and data they access–at the point of access, with proper context considered every time— organization’sregain control without thwarting choice and collaboration, or hurting the user experience. A security function can then enable the business to innovate without creating undue risk.
Converging networking and security needs
There’s a critical element to getting SASE right that isn’t discussed as often as the definition of the SASE framework itself. SASE isn’t the driver for transformation, it is just one component of what makes it possible to safely meet those needs. SASE enables those with security and network responsibilities to give answers that support the needs of the business.
This is important because key decision-makers like CIOs and CISOs aren’t squarely focused on technology. They care about risk, requirements, and standards. SASE lets network and security better participate in the shared mission of managing risk while meeting business needs. The transparency of SASE—with Zero Trust principles applied at every point data is accessed—reveals where the data is flowing, who is using the data, and how the data is being controlled. That, in turn, helps security teams implement the right level of controls commensurate with the business’ appetite for risk and risk mitigation expectations, and helps networking teams optimize connectivity, uptime, and business resilience.
Don’t underestimate how important this convergence is. The neat divide between network and security teams that functioned in the past is now stifling collaboration. Before, network people built the roads the business needed to go on to get things done. Then the security team had the job of erecting the guardrails and manning the barriers on that road to keep data, people, and systems safe.
That separation in the pre-SASE world resulted in conflicting or misaligned priorities. When the network teams are obsessed with performance and the security teams are obsessed with protection, individual team needs might be met,